Wordpress Plugin SQl Injection Exposes 1,000,000 Sites to Cyber Attack

Over a million WordPress websites have been at risk due to a critical SQL Injection vulnerability discovered in the popular LayerSlider plugin. The flaw, CVE-2024-2879, could allow unauthenticated attackers to extract sensitive data, including password hashes, from websites’ databases. The vulnerability, tracked under the identifier CVE-2024-2879, has been assigned a CVSS score of 9.8, categorizing it as critical. Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Try Trustifi Free Threat Scan …